![](/screenshots/7c7be85f-c3b3-47c3-ae8a-acbcadaf63fc.png)
benefitpad.com
Open in
urlscan Pro
2606:4700:30::681f:4973
Public Scan
Effective URL: https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
Submission: On October 23 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on October 14th 2018. Valid for: 6 months.
This is the only time benefitpad.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:30:... 2606:4700:30::6818:7df2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 4 | 2606:4700:30:... 2606:4700:30::681f:4973 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
6 | 94.31.29.64 94.31.29.64 | 33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group) | |
4 | 2a00:1450:400... 2a00:1450:4001:825::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
13 | 3 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
westernunion.benefitzip.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
benefitpad.com |
ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.64.IPYX-077437-ZYO.above.net
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
netdna-ssl.com
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com |
89 KB |
4 |
googleapis.com
maps.googleapis.com |
108 KB |
4 |
benefitpad.com
1 redirects
benefitpad.com |
3 KB |
1 |
benefitzip.com
1 redirects
westernunion.benefitzip.com |
460 B |
13 | 4 |
Domain | Requested by | |
---|---|---|
6 | 2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com |
benefitpad.com
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com |
4 | maps.googleapis.com |
benefitpad.com
maps.googleapis.com |
4 | benefitpad.com |
1 redirects
benefitpad.com
|
1 | westernunion.benefitzip.com | 1 redirects |
13 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni35204.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2018-10-14 - 2019-04-22 |
6 months | crt.sh |
*.netdna-ssl.com COMODO RSA Domain Validation Secure Server CA |
2018-02-28 - 2019-02-28 |
a year | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2018-10-02 - 2018-12-25 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com
Frame ID: 44670136A591EB00A0686C893BBDE975
Requests: 13 HTTP requests in this frame
Screenshot
![](/screenshots/7c7be85f-c3b3-47c3-ae8a-acbcadaf63fc.png)
Page URL History Show full URLs
-
https://westernunion.benefitzip.com/
HTTP 302
https://benefitpad.com/wp-signup.php?new=westernunion.benefitzip.com HTTP 302
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com Page URL
Detected technologies
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
![](/vendor/wappa/icons/Google Maps.png)
Detected patterns
- script /\/\/maps.googleapis.com\/maps\/api\/js/i
Detected patterns
- headers server /cloudflare/i
Detected patterns
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://westernunion.benefitzip.com/
HTTP 302
https://benefitpad.com/wp-signup.php?new=westernunion.benefitzip.com HTTP 302
https://benefitpad.com/wp-login.php?redirect_to=%2Fwp-signup.php%3Fnew%3Dwesternunion.benefitzip.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
wp-login.php
benefitpad.com/ Redirect Chain
|
4 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
load-scripts.php
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-admin/ |
105 KB 43 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
js
maps.googleapis.com/maps/api/ |
98 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
wild-googlemap-js.js
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-content/plugins/wild-googlemap/ |
11 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
wild-googlemap-js-frontend.js
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-content/plugins/wild-googlemap/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
force-zxcvbn.min.js
benefitpad.com/wp-content/mu-plugins/force-strong-passwords/ |
227 B 256 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js-admin.min.js
benefitpad.com/wp-content/mu-plugins/force-strong-passwords/ |
432 B 500 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
load-styles.php
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-admin/ |
102 KB 40 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
wild-googlemap-css-frontend.css
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-content/plugins/wild-googlemap/ |
745 B 616 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
wordpress-logo.svg
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com/wp-admin/images/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
common.js
maps.googleapis.com/maps-api-v3/api/js/34/15/ |
72 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
util.js
maps.googleapis.com/maps-api-v3/api/js/34/15/ |
133 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ |
62 B 196 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| $ function| jQuery object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView function| WiLD_GooglemapManager object| WGM function| WiLD_Googlemap function| WiLD_Googlemap_Marker function| WiLD_Googlemap_Infowindow function| wp_attempt_focus object| d object| _xdc_2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.benefitpad.com/ | Name: wordpress_test_cookie Value: WP+Cookie+check |
|
.benefitpad.com/ | Name: __cfduid Value: d7c1617e9bcb54a77a9bc92b6b6bf51ef1540273611 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
2dhmeyblgu6132t92ns0bdkf-wpengine.netdna-ssl.com
benefitpad.com
maps.googleapis.com
westernunion.benefitzip.com
2606:4700:30::6818:7df2
2606:4700:30::681f:4973
2a00:1450:4001:825::200a
94.31.29.64
2d926a6d22ff6f554d05d068f89d77e9438dab63899d3a2ccf0aa441c325d89e
3db4ce6152746ef2cf06422937c55e1dc3fefe5b78ffafd9e57f8812a81a15f7
4951a1b454f930b522ab9f52a9d059dd5ab8085609cd6c23a1843d9059dd8c46
4d6d04b3c9f53d29e29c35c60fa8e00521b97b9cde82db9ce291a938154760ef
7ee1ac6d9b88d4bd02fddbb2f0ad9b90c0a4e8d461092d2ed9d4fe8e1ed9060b
8f2a9d404f9d0555d9843c8a42fc4be424a188aac72eeff03258680dc35378e6
8fabaf6789ee0a389057597cbcdb1fb8df07efae6c09a81489a05f0f336c15ea
a096dcd1885092b39bf53e0b44e99b3d414ed61c124773e2b3b9ddf0f75140cd
a0bbefd626f1e76f9245ec6c6101b679ba27412b71b32fc43eccda9db40f394b
c7591bf7ecde06f7a8336e46c650119f9d53a7f2b151de409ff1cc7a3666f4c2
c8c7c25aaa504e82c94de0d55034bdfd14bb01f374c9619ce030ebb2e4318ec0
ce22923d74bb6c5e017ed3219e1ab7e687100618639ca7e2ce3d1ed6465c946d
d2f79af3b8b0fb26c472c0a5f111d7f4bf401f36a4bc36ca584f320d4a6c526c